Authenticating Users

If you don't want a user to use your Telerik Platform app anonymously, you must first authenticate them. This is done by specifying the username and the password for the user. Once you are authenticated successfully, the server will issue an access token.
You can then use this token to impersonate each subsequent request to Telerik Platform.

In order to do this, add the following header to these requests:

{"Authorization" : "Bearer your-access-token-here"}

Access tokens are temporary, they expire. After a token has expired, you must reauthenticate the user to get a new access token. There are also other cases when a token becomes invalid:

After the user is authenticated, the server will return an object with a Result key that holds an object with the following keys:

access_token

token_type

principal_id

You can use the access_token value to authenticate subsequent requests on behalf of the current user as described in the introduction of this chapter.

The login request does not return any specific information about the user except its Id in the principal_id field. You can easily retrieve the user's account information by using the special "me" request. You can read more about that in the next section.